[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: The keychain package, its debconf templates, the security hole induced

On Fri, 21 Jan 2005, Goswin von Brederlow wrote:
> Henrique de Moraes Holschuh <hmh@debian.org> writes:
> > This can very well be a much bigger security risk than doing what you
> > already do BUT using passphrases AND ssh-agent to reduce the window of
> > opportunity.
> Even if you get hold of the key all you can do with it is exactly what
> the cron job is doing anyway. The worst you can do is flood the
> destination system with jobs, e.g. start a daily cron job every
> second.

That depends on what you're running on the other side, doesn't it? If it can
be exploited depending on what you do with it...

> Limiting an ssh key to a specific command severly limits the damage
> you can do with it. This should be a must for any key that is to be
> used non interactively.

Agreed.  But that is orthogonal to ssh-agent use, since ssh-agent use (and
keychain use) does NOT preclude specific command limiting.

  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to: